Zoek.exe Version 4.0.0.4 Updated 31-08-2013 Tool run by Koen Boute on za 31/08/2013 at 18:22:13,85. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\KOENBO~1\AppData\Local\Temp\Rar$EXa0.121\zoek.exe [Script inserted] ==== System Restore Info ====================== ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\SearchScopes\{425EB049-B938-465E-B148-2C79A9F3E0F2} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF103732-4528-4322-AA8B-F7849AB7776B} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\",\"mtime\":1362558923939},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361470600852}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1364642385619}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{58bd07eb-0ee0-4df0-8121-dc9b693373df}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Browser Manager\\\\2.6.1123.78\\\\{16cdff19-861d-48e3-a751-d99a27784753}\\\\FirefoxExtension\",\"mtime\":1361020001819}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1360931893991},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1364647225903},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1364845132389},\"torntv@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\torntv@torntv.com.xpi\",\"mtime\":1360860762382}}}]"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "be265d5200000000000088252c6c20d1"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15901"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.522:27:05"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=119293&tt=150713_9127&tsp=4944"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\",\"mtime\":1362558923939},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361470600852}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1364642385619}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{58bd07eb-0ee0-4df0-8121-dc9b693373df}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Browser Manager\\\\2.6.1123.78\\\\{16cdff19-861d-48e3-a751-d99a27784753}\\\\FirefoxExtension\",\"mtime\":1361020001819}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1360931893991},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1364647225903},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1364845132389},\"torntv@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\torntv@torntv.com.xpi\",\"mtime\":1360860762382}}}]"); ---- Lines Torntv removed from user.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\",\"mtime\":1362558923939},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361470600852}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1364642385619}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{58bd07eb-0ee0-4df0-8121-dc9b693373df}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Browser Manager\\\\2.6.1123.78\\\\{16cdff19-861d-48e3-a751-d99a27784753}\\\\FirefoxExtension\",\"mtime\":1361020001819}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1360931893991},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1364647225903},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1364845132389},\"disabled@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\disabled@disabled.com.xpi\",\"mtime\":1360860762382}}}]"); ---- Lines ask.com removed from user.js ---- ---- Lines y2layers removed from prefs.js ---- user_pref("extentions.y2layers.installId", "48CAB362-D310-750C-014C-E455CD04EA65"); user_pref("extentions.y2layers.installId_backup", "48CAB362-D310-750C-014C-E455CD04EA65"); ---- Lines y2layers modified from prefs.js ---- ---- Lines y2layers removed from user.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- user_pref("extensions.enabledAddons", "plugin%40yontoo.com:1.20.02,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2"); user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\",\"mtime\":1362558923939},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361470600852}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1364642385619}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{58bd07eb-0ee0-4df0-8121-dc9b693373df}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Browser Manager\\\\2.6.1123.78\\\\{16cdff19-861d-48e3-a751-d99a27784753}\\\\FirefoxExtension\",\"mtime\":1361020001819}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1360931893991},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1364647225903},\"toolbar@disabled\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\toolbar@disabled\",\"mtime\":1364845132389},\"disabled@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Koen Boute\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\aovp1xs9.default\\\\extensions\\\\disabled@disabled.com.xpi\",\"mtime\":1360860762382}}}]"); ---- Lines yontoo removed from user.js ---- ---- Lines funmoods removed from prefs.js ---- ---- Lines funmoods modified from prefs.js ---- ---- Lines funmoods removed from user.js ---- ---- Lines SpeedAnalysis removed from prefs.js ---- ---- Lines SpeedAnalysis modified from prefs.js ---- ---- Lines SpeedAnalysis removed from user.js ---- ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- Lines OneClickDownload removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20133108_1830_.backup prefs_20133108_1830_.backup ProfilePath: C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\extensions ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines delta removed from user.js ---- ---- Lines Torntv removed from prefs.js ---- ---- Lines Torntv modified from prefs.js ---- ---- Lines Torntv removed from user.js ---- ---- Lines ask.com removed from prefs.js ---- ---- Lines ask.com modified from prefs.js ---- ---- Lines ask.com removed from user.js ---- ---- Lines y2layers removed from prefs.js ---- ---- Lines y2layers modified from prefs.js ---- ---- Lines y2layers removed from user.js ---- ---- Lines yontoo removed from prefs.js ---- ---- Lines yontoo modified from prefs.js ---- ---- Lines yontoo removed from user.js ---- ---- Lines funmoods removed from prefs.js ---- ---- Lines funmoods modified from prefs.js ---- ---- Lines funmoods removed from user.js ---- ---- Lines SpeedAnalysis removed from prefs.js ---- ---- Lines SpeedAnalysis modified from prefs.js ---- ---- Lines SpeedAnalysis removed from user.js ---- ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- Lines OneClickDownload removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20133108_1830_.backup prefs_20133108_1830_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "BrowserMngrDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\searchplugins\delta.xml" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\extensions\torntv@torntv.com.xpi" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\extensions\plugin@yontoo.com.xpi" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted "C:\Users\Koen Boute\Downloads\iLividSetupV1.exe" deleted "C:\Users\Koen Boute\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\Users\Koen Boute\AppData\Local\funmoods-speeddial.crx" deleted "C:\Users\Koen Boute\AppData\Local\funmoods.crx" deleted "C:\Windows\tasks\PC Performer.job" deleted "C:\windows\SysNative\Tasks\GoforFilesUpdate" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\searchplugins\askcom.xml" deleted "C:\Users\Public\Desktop\PC Performer.lnk" deleted "C:\Program Files (x86)\TornTV.com" deleted "C:\Program Files (x86)\uTorrentBar_NL" deleted "C:\Program Files (x86)\PC Performer" deleted "C:\Program Files (x86)\1ClickDownload" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\Incredibar.com" deleted "C:\Program Files (x86)\WiseConvert" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Users\Koen Boute\AppData\Roaming\SpeedAnalysis3" deleted "C:\Users\Koen Boute\AppData\Roaming\GoforFiles" deleted "C:\Users\Koen Boute\AppData\Roaming\SendSpace" deleted "C:\Users\Koen Boute\AppData\Roaming\Babylon" deleted "C:\Users\Koen Boute\AppData\Roaming\File Scout" deleted "C:\Users\Koen Boute\AppData\Roaming\PerformerSoft" deleted "C:\Users\Koen Boute\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\IBUpdaterService" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer" deleted "C:\Users\Koen Boute\AppData\Local\Ilivid Player" deleted "C:\Users\Koen Boute\AppData\Local\CRE" deleted "C:\Users\Koen Boute\AppData\Local\APN" deleted "C:\Users\Koen Boute\AppData\Local\PackageAware" deleted "C:\Users\Koen Boute\AppData\Local\Conduit" deleted "C:\Users\Koen Boute\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\Koen Boute\AppData\LocalLow\Delta" deleted "C:\Users\Koen Boute\AppData\LocalLow\uTorrentBar_NL" deleted "C:\Users\Koen Boute\AppData\LocalLow\PriceGong" deleted "C:\Users\Koen Boute\AppData\LocalLow\Conduit" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\jetpack" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default\extensions\speedanalysis03@SpeedAnalysis.com" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\ffxtlbr@funmoods.com" deleted "C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\KOENBO~1\AppData\Local\Temp ==== 2013-08-29 20:41:38 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Users\KOENBO~1\AppData\Local\Temp\UNINSTALL.EXE ====== C:\Windows\SysWOW64 ===== 2013-08-30 16:30:54 84F9B4C0569C6A96ED3425D5382CA7F0 21880 ----a-w- C:\Windows\SysWOW64\authuitu.dll 2013-08-29 19:46:12 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\SBRC.dat 2013-08-21 18:01:53 5FEFD614BBD3FFA3712B172F70B1FDE2 24576 ----a-w- C:\Windows\SysWOW64\msxml3a.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-30 16:31:00 832699889DCACAECA2A3FEC46EA70A7A 35192 ----a-w- C:\Windows\Sysnative\TURegOpt.exe 2013-08-30 16:30:54 A1D2F7804188302ADEB12DB1DC674C1F 26488 ----a-w- C:\Windows\Sysnative\authuitu.dll ====== C:\Windows\Sysnative\drivers ===== 2013-08-14 11:06:56 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-14 11:06:55 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-31 15:44:14 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-31 16:10:40 -------- d-----w- C:\Program Files (x86)\WinRAR 2013-08-31 16:07:14 -------- d-----w- C:\Program Files (x86)\Speed Analysis 3 2013-08-21 18:01:54 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia 2013-08-21 18:01:47 -------- d-----w- C:\Program Files (x86)\AVS4YOU 2013-08-21 16:43:11 -------- d-----w- C:\Program Files (x86)\MediaConverter 2013-08-16 11:08:44 -------- d-----w- C:\Program Files (x86)\VTech ======= C: ===== ====== C:\Users\Koen Boute\AppData\Roaming ====== 2013-08-31 16:11:12 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-31 16:07:11 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\7go 2013-08-31 16:07:09 7E87C3301ED85E468ABF1204B85B335C 30894 ----a-w- C:\users\Koen Boute\AppData\Roaming\speedanalysis.ico 2013-08-30 19:32:01 -------- d-----w- C:\users\Seppe\AppData\Roaming\AVG2013 2013-08-30 19:31:59 -------- d-----w- C:\users\Seppe\AppData\Local\Avg2013 2013-08-30 16:17:28 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\AVG2013 2013-08-30 16:11:45 -------- d-----w- C:\users\Koen Boute\AppData\Local\MFAData 2013-08-30 16:11:45 -------- d-----w- C:\users\Koen Boute\AppData\Local\Avg2013 2013-08-21 18:05:19 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\AVS4YOU 2013-08-21 18:01:42 -------- d-----w- C:\users\Koen Boute\AppData\Local\Programs 2013-08-16 12:20:27 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\DVDVideoSoft 2013-08-16 11:09:40 C87E58121F766A0560BD451905E11D62 676 ----a-w- C:\users\Koen Boute\AppData\Local\cookies.ini 2013-08-16 11:09:37 -------- d-----w- C:\users\Koen Boute\AppData\Local\cache 2013-08-14 21:32:41 -------- d-----w- C:\users\Seppe\AppData\Locallow\Adobe 2013-08-14 21:32:41 -------- d-----w- C:\users\Seppe\AppData\Local\Adobe 2013-08-12 15:43:25 -------- d-----w- C:\users\Seppe\AppData\Roaming\WinRAR 2013-08-07 13:14:01 -------- d-----w- C:\users\Seppe\AppData\Roaming\Guitar Pro 6 2013-08-06 12:49:19 -------- d-----w- C:\users\Koen Boute\AppData\Roaming\dvdcss 2013-08-05 21:35:45 -------- d-----w- C:\users\Seppe\AppData\Roaming\vlc ====== C:\Users\Koen Boute ====== 2013-08-31 16:11:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-31 15:43:16 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Koen Boute\Desktop\RSITx64.exe 2013-08-30 16:30:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2013-08-30 16:29:09 -------- d-----w- C:\ProgramData\AVG 2013-08-30 16:28:55 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} 2013-08-30 16:16:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-08-30 16:15:12 -------- d-----w- C:\ProgramData\AVG2013 2013-08-21 18:01:53 -------- d-----w- C:\ProgramData\AVS4YOU 2013-08-21 17:56:59 503396F925758D79DF96EFCE3FC6291A 67230714 ----a-w- C:\Users\Koen Boute\Downloads\AVSVideoConverter[A4].exe 2013-08-21 16:43:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaConverter 2013-08-16 11:09:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech 2013-08-16 11:08:44 -------- d-----w- C:\ProgramData\VTech 2013-08-12 15:43:54 F830941AEE63147CF4D7938E6A7EBAC0 129672 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - Lp.jpg 2013-08-12 15:43:54 B8187749CA90BAC34E6900257F5915ED 7459547 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 07 Inside The Demons Heart.mp3 2013-08-12 15:43:54 B3DC9DDAFBBF1AF9B4030446629DC623 3115474 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 05 Moving Ice.mp3 2013-08-12 15:43:54 8B949AD67FFD19C78CA2625C4F131B9B 5307689 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 06 Artemis.mp3 2013-08-12 15:43:54 809FEB07A745251675A8A6588A284369 137335 ----a-w- C:\Users\Seppe\cover.jpg 2013-08-12 15:43:54 6A032C054B43408CE0C9F83DBA854E42 6026425 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 04 Wahnsinn.mp3 2013-08-12 15:43:54 066AB23DEEC89042A3A3D3A8921589CE 4068435 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 08 Soultaker.mp3 2013-08-12 15:43:53 C48E7A101E19630DDC2754A37FEACD24 3609891 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 01 The Tragedy We Live In.mp3 2013-08-12 15:43:53 BED8576FBDE1EE3B1D09BD46B6361179 5591759 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 02 Chains.mp3 2013-08-12 15:43:53 A48821C32002A7B8EB07047DA4519F16 12250150 ----a-w- C:\Users\Seppe\The Tragedy We Live In - The Tragedy We Live In - 03 There Must Be A Way Out.mp3 ====== C: exe-files == 2013-08-31 16:10:43 C5318421E90DC0A94E90231AF1FE0791 123904 ----a-w- C:\Program Files (x86)\WinRAR\Uninstall.exe 2013-08-31 16:10:43 9A31F7D5248712D6725234C6B16CEC18 270336 ----a-w- C:\Program Files (x86)\WinRAR\UnRAR.exe 2013-08-31 16:10:43 9213C294BBFCAA9AA063367A1647452B 1159168 ----a-w- C:\Program Files (x86)\WinRAR\WinRAR.exe 2013-08-31 16:10:43 8BABC98395F0D8FC0968982237B1BC8F 404992 ----a-w- C:\Program Files (x86)\WinRAR\Rar.exe 2013-08-31 16:09:24 E1ED6342BAFFB7F0BE44B5EBA8F8A7F3 1517376 ----a-w- C:\Users\Koen Boute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF075PVZ\WinRAR420.exe 2013-08-31 16:07:25 674A243C29F292A40AD3088575F20DF4 110355 ----a-w- C:\Program Files (x86)\Speed Analysis 3\uninst.exe 2013-08-31 16:07:18 2DEE0EAF000475C286686D177DCF711A 92357 ----a-w- C:\Program Files (x86)\Speed Analysis 3\uninstall.exe 2013-08-31 16:06:33 4E241C82578E74F94D61FA97A075828B 698656 ----a-w- C:\Users\Koen Boute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF075PVZ\Winrar_SoftangoDownloader.exe 2013-08-31 15:44:14 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Koen Boute.exe 2013-08-31 15:43:16 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Koen Boute\Desktop\RSITx64.exe 2013-08-30 16:31:00 832699889DCACAECA2A3FEC46EA70A7A 35192 ----a-w- C:\Windows\System32\TURegOpt.exe 2013-08-30 16:11:17 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Koen Boute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF075PVZ\avg_avct_stb_all_2013_3392_cm10.exe 2013-08-29 20:41:38 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Users\Koen Boute\AppData\Local\Temp\UNINSTALL.EXE 2013-08-28 08:43:54 B95E8481C02F68015370682765A3B9EC 475456 ----a-w- C:\Program Files (x86)\Speed Analysis 3\BackgroundHost64.exe 2013-08-28 08:43:54 9A21ACB26103A4987967BC2704A3AF44 635712 ----a-w- C:\Program Files (x86)\Speed Analysis 3\BackgroundHost.exe === C: other files == 2013-08-30 16:16:47 0F12F47268CE663E833F98A986379950 1374879 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip 2013-08-30 16:16:22 F922B61959F1E61F32E3F0FCEB4E7A7A 323 ----a-w- C:\ProgramData\AVG2013\IDS\config\quarantinedList.zip ==== Firefox Extensions ====================== ProfilePath: C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default - 7Go Games - %ProfilePath%\extensions\7go@7go.com ==== Firefox Plugins ====================== Profilepath: C:\Users\Koen Boute\AppData\Roaming\Mozilla\Firefox\Profiles\aovp1xs9.default D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Koen Boute\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director 4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\KOENBO~1\AppData\Local\funmoods.crx[] cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\KOENBO~1\AppData\Local\Temp\ccex.crx[] cjpglkicenollcignonpgiafdgfeehoj - C:\Users\KOENBO~1\AppData\Local\funmoods-speeddial.crx[] cpoccinflpepbknpbajgmiebcelnbiab - C:\ProgramData\Download and Sa\cpoccinflpepbknpbajgmiebcelnbiab.crx[] dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Koen Boute\AppData\Roaming\7go\7go.crx[30/07/2013 14:22] jblddfdlkmkibogimliooiebhcidmpjl - C:\ProgramData\Download and Sa\jblddfdlkmkibogimliooiebhcidmpjl.crx[] mbmpjbkgemhgalmeiigcdljkccfcafoj - C:\Users\Koen Boute\AppData\Roaming\SpeedAnalysis3\SpeedAnalysis.crx[] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Koen Boute\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] plmlpkfpkijnlijgalnjaacllnjmoamo - C:\Users\Koen Boute\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx[] pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\KOENBO~1\AppData\Local\funmoods.crx[] cjpglkicenollcignonpgiafdgfeehoj - C:\Users\KOENBO~1\AppData\Local\funmoods-speeddial.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Koen Boute\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Koen Boute\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] plmlpkfpkijnlijgalnjaacllnjmoamo - C:\Users\Koen Boute\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx[] Facebook App for Google Chrome\u2122 - Koen Boute - Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm Google Docs - Koen Boute - Default\Extensions\aohghmighlieiainnegkcijnfilokake Funmoods - Koen Boute - Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Smart Suggestor - Koen Boute - Default\Extensions\demmlacpnijjgliknaehpamnnbncnodb 7Go Games - Koen Boute - Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi Speed Analysis 3 - Koen Boute - Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj AVG Secure Search - Koen Boute - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Card number - Koen Boute - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Vuze Remote - Koen Boute - Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk DVDVideoSoftTB - Koen Boute - Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo AVG Security Toolbar - Leonie - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Docs - Seppe - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Seppe - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Seppe - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Seppe - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Smart Suggestor - Seppe - Default\Extensions\demmlacpnijjgliknaehpamnnbncnodb AVG Secure Search - Seppe - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet Service - Seppe - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Seppe - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo deleted successfully C:\Users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {CA552E17-53CD-4207-BF64-DFB1A0E6B2CC} Unknown Url="Not_Found" ==== Reset Google Chrome ====================== C:\users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CA552E17-53CD-4207-BF64-DFB1A0E6B2CC} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-1243529957-2392887556-3837762782-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cpoccinflpepbknpbajgmiebcelnbiab deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jblddfdlkmkibogimliooiebhcidmpjl deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen Boute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen Boute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Leonie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leonie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Seppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Seppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Koen Boute\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\KOENBO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 31/08/2013 at 18:39:33,02 ======================